Intelligence Chiefs Expect More Cyberattacks Against US

Dan Coats, the U.S. director of national intelligence, testifies before the Senate Intelligence Committee. (Source: PBS)

The top nation-state threats facing the United States are posed by China, Russia, Iran and North Korea, U.S. Director of National Intelligence Dan Coats warned the Senate Intelligence Committee on Tuesday.

Appearing alongside five of the nation's other top intelligence officials, Coats was first to testify, and he warned that "the big four" countries remain a significant threat to both the U.S. government and private sector. He also said their efforts are "likely to further intensify this year."

In the face of myriad threats, knowing which defenses to prioritize remains challenging because attackers' tactics continue to change, Coats said. But some of the dominant threat vectors he highlighted include cyber operations; online influence operations and election interference; weapons of mass destruction and proliferation; terrorism; counterintelligence; space and transnational organized crime; as well as threats of a more regional nature.

Coats began his threat assessment overview, however, by focusing on election security. He said that after Russia's attempt to interfere in 2016 elections, efforts to safeguard the 2018 midterms were successful despite efforts by
"unidentified actors" (see: Redoubling Efforts to Secure Midterm Election).

But he said much more work must be done to safeguard the 2020 elections. "We assess that foreign actors will view the 2020 U.S. elections as an opportunity to advance their interests," Coats said. "We expect them to refine their capabilities and add new tactics as they learn from each other's experiences and efforts in previous elections."

"Not only have the Russians continued to do it in 2018, but we've seen indications that they're continuing to adapt their model, and that other countries are taking a very interested eye in that approach," FBI Director Christopher Wray told the committee.

The U.S. intelligence community's findings, in unclassified form, have been published as part of its latest Worldwide Threat Assessment.

Cyberattacks and Espionage - Top Threats

The intelligence chiefs said that China and Russia pose the biggest risk to U.S. security.

"At present, China and Russia pose the greatest espionage and cyberattack threats, but we anticipate that all our adversaries and strategic competitors will increasingly build and integrate cyber espionage, attack and influence capabilities into their efforts to influence U.S. policies and advance their own national security interests," according to the report.

"In the last decade, our adversaries and strategic competitors have developed and experimented with a growing capability to shape and alter the information and systems on which we rely," it says. "For years, they have conducted cyber espionage to collect intelligence and targeted our critical infrastructure to hold it at risk. They are now becoming more adept at using social media to alter how we think, behave and decide."

Geopolitically speaking, some of America's adversaries have also been aligning. "China and Russia are more aligned than at any point since the mid-1950s, and the relationship is likely to strengthen in the coming year as some of their interests and threat perceptions converge, particularly regarding perceived U.S. unilateralism and interventionism and Western promotion of democratic values and human rights," according to the report.

But Wray said China poses a significant challenge.

"I think China writ large is the most significant counterintelligence threat we face. We have economic espionage investigations, for example - that's just one piece of it - in virtually every one of our 56 field offices," he told the committee (see: Feds Urge Private Sector 'Shields Up' Against Hackers).

The FBI takes the lead on counterintelligence, investigating foreign intelligence operations and espionage. "Beijing will authorize cyber espionage against key U.S. technology sectors when doing so addresses a significant national security or economic goal not achievable through other means," according to the threat report.

"The Chinese counterintelligence threat is more deep, more diverse, more vexing, more challenging, more comprehensive and more concerning than any counterintelligence threat I can think of," Wray said.

Meanwhile, a number of political events due to happen this year, including Brexit, could also complicate efforts by the U.S. and its allies to repel attacks and operations being run by China and Russia.

"The United Kingdom's scheduled exit from the EU on 29 March 2019, European Parliament elections in late May, and the subsequent turnover in EU institutional leadership will limit the ability of EU and national leaders to contend with increased Russian and Chinese efforts to divide them from one another and from the United States," the report says.

Iran's Cyber Threat

"Iran uses increasingly sophisticated cyber techniques to conduct espionage; it is also attempting to deploy cyberattack capabilities that would enable attacks against critical infrastructure in the United States and allied countries," the report says. "Tehran also uses social media platforms to target U.S. and allied audiences."

North Korea Targets Banks

"North Korea continues to use cyber capabilities to steal from financial institutions to generate revenue," it says. "Pyongyang's cybercrime operations include attempts to steal more than $1.1 billion from financial institutions across the world - including a successful cyber heist of an estimated $81 million from the New York Federal Reserve account of Bangladesh's central bank."

Tools Complicate Attribution

Online attacks by nation-states as well as others - including criminal groups - have been aided by the increased availability of powerful open source and commercially available attack tools, the report warns, noting that the use of such tools has made it more difficult to accurate attribute cyberattacks (see: Cybercrime Groups and Nation-State Attackers Blur Together).

Assessment Reveals Gap With Trump

The Tuesday testimony by the nation's intelligence chiefs is also notable because many of the threats they highlighted appear to stand in opposition to many of President Donald Trump's foreign and domestic security policies.

The president often highlights the national security threat posed by the country's southern border. He has also declared that the militant Islamic State group has been defeated and that North Korea no longer poses a nuclear threat - while Iran does. And he has continued to question whether Russia interfered in the U.S. political sphere (see: How Trump Talks About Russian Hacking).

The intelligence chiefs' testimony, however, appeared to directly rebut each of those assertions. They warned that Islamic State could easily regroup, that North Korea is continuing to develop nuclear weapons - while Iran is not, and they said not only Russia but now other countries are refining their tactics for interfering in the United States' and allies' democratic processes.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.